feat(api): filter devices to users organizations

!17 #45
nofusscomputing · Jun 2, 2024 · 89a5e0f · 89a5e0f
1 parent 64f4c8f
commit 89a5e0f
Showing 1 changed file with 18 additions and 3 deletions.
diff --git a/app/api/views/itam/device.py b/app/api/views/itam/device.py
@@ -1,15 +1,18 @@
-# from django.contrib.auth.mixins import PermissionRequiredMixin, LoginRequiredMixin
+from django.db.models import Q
 from django.shortcuts import get_object_or_404
 
 from rest_framework import generics, viewsets
 
-from itam.models.device import Device
+from access.mixin import OrganizationMixin
 
 from api.serializers.itam.device import DeviceSerializer
 from api.views.mixin import OrganizationPermissionAPI
 
+from itam.models.device import Device
+
 
-class DeviceViewSet(viewsets.ModelViewSet):
+
+class DeviceViewSet(OrganizationMixin, viewsets.ModelViewSet):
 
     permission_classes = [
         OrganizationPermissionAPI
@@ -19,5 +22,17 @@ class DeviceViewSet(viewsets.ModelViewSet):
 
     serializer_class = DeviceSerializer
 
+
+    def get_queryset(self):
+
+        if self.request.user.is_superuser:
+
+            return self.queryset.filter().order_by('name')
+
+        else:
+
+            return self.queryset.filter(Q(organization__in=self.user_organizations()) | Q(is_global = True)).order_by('name')
+
+
     def get_view_name(self):
         return "Device"